MyAssignmenthelp.com, profile picture
Uploaded byMyAssignmenthelp.com
PPTX, PDF3,020 views

Digital Forensic Case Study

The document outlines a digital forensic investigation plan for a global finance company, detailing the need for a structured methodology, team resources, and tools required for data collection and analysis. Key steps include identifying and preserving digital evidence, analyzing potential security breaches, and preparing a comprehensive report summarizing findings. The document emphasizes the importance of maintaining data integrity and employing skilled personnel throughout the investigation process.

Education
Related topics:
Digital Forensics

Embed presentation

Downloaded 88 times
 justify why use of the digital forensic methodology and approach is warranted including procedures for corporate investigation.(Apply with the case study)  describe the resources required to conduct a digital forensic investigation, including team member skill sets and required tools. .(Apply with the case study)  outline an approach for data/evidence identification and acquisition that would occur in order to prepare the auditors for review of the digital evidence. .(Apply with the case study)  outline an approach and steps to be taken during the analysis phase making the assumption the computer system is a Microsoft Windows-based computer. .(Apply with the case study)  create a table of contents for the investigative plan describing what the primary focus of the report would be. .(Apply with the case study) myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html For more information :
 Global finance company has 10000 employees.  It has introduced network communication and computerization in all its branches  A fear of security was raised by one of the managers  Digital forensic audit was performed to look into the security issues  The investigation was conducted on the MS word, Outlook, and other deleted files in the manager’s computer For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
◦ The data from the target computer should not be modified but kept for reference ◦ The audit team must have high skill and expertise ◦ The relevant documentation and trial conducted by the audit team must be preserved ◦ Information Security Officer is solely responsible for the security. For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
◦ Recognize the security systems that has lapsed. ◦ Recognize all the digital evidence ◦ All the malicious activities are recognized with 5W’s ◦ Recognize the legal procedure ◦ To analyze and find the impact on the branch ◦ Submit the final report to the head For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
◦ Collection ◦ Examination ◦ Analysis ◦ Report For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
 It is basically the acquisition of data  Recording and labeling the data of the computers in the Queensland branches  Two ways of collecting data: ◦ Volatile ◦ Non-volatile  Data is also collected from other sources like offline and online. For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
 The computer of the manager that is targeted computer can be accessed via. LAN connection.  A tool collection that is trusted and can be recorded and used through cmd.exe file.  The commands needed are: Cryptcat <id address> 6543 – k key Cryptcat -1 –p 6543 –k key >> <filename>  Windows based tools that are to be used on the Windows based systems are, o HBGray’s fastDump to obtain the local physical memory o HBGray’s F-Response to obtain remote physical memory o Ipconfig is used for the collection of subject system details o Netusers and qusers can identify logged in user information o Doskey or history for collecting command history o Netfile is used to identify the services and drivers  Data is acquired from Ram, registry and cache memory, network, etc For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
 This kind of data is present in the permanent storage of the computing device.  Copying this type of data for the local office is known as forensic imaging  Data is collected from storage devices like hard disk, CD, DVD, etc.  The data should be preserved without any modifications or alteration.  The process of forensic imaging can be done using tools like, EnCase, ProDiscover and FTK.  The data is imitated as the ROM or read only memory by the team performing audit.  The audit team use write blocker. For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
 File system assessment : NTFS contains MFT that has information of the files and disc in the OS. To get the file c:more <file1.txt:file2.txt is used.  Windows registry assessment: The window registry structure is HKEY_CLASSES_ROOT HKEY_USERS HKEY_CURRENT_USER HKEY_CURRENT_CONFIG HKEY_LOCAL_MACHINE Information's present here are- user activity, MRU, auto start  Database forensic assessment: Here, DDL, DML transactions in the database is assessed  Network forensic assessment: The browsing data, mails, IP address are assessed. For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
 Gather the hidden or odd files  Unusual accounts  For strangely opened sockets  Abnormal application requirements  Malicious activities  Total memory investigation  Total file systems investigation  Malware analysis  Total timeline analysis  Total event correlation investigation For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
◦ The computer is identified via. remote access by the attacker ◦ Os patches ◦ The source of compromise ◦ The suspected malware For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
 The audit team finally prepares the report after the through investigation ◦ Point of the report: It is submitted so that detail of the investigation can be known to the authorized personnel ◦ Author of the report: Information security officer. ◦ Incident summary: The foundation of the conciliation explored from the computer of the manager and is caused due to x1, x2 and x3 reasons For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
◦ Evidence: All the important digital evidence and log file tracked in the analysis ◦ Analysis: Investigation of the unlawful sources, completed from the sources x, y and z ◦ Conclusion: The computer of the manager and other computing devices in the local office are systematically investigated and lastly the sources are found where they found any sign of compromise ◦ Supporting documents: These documents involve non- volatile and volatile information For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
 All the devices in the local as well as the manager’s computer was investigated properly  Examination was done to see unauthorized and authorized sources  The compromise’s source explored and found  The report is submitted to the Information security officer. For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
 Kenneth J. Zahn (2013), “Case Study: 2012 DC3 Digital Forensic Challenge Basic Malware Analysis Exercise”, GIAC (FREM) Gold Certification  John Ashcroft (2001), “Electronic Crime Scene Investigation, A guide for First Responders”, NIJ Guide  M Reith, C Carr, G Gunsch (2002). "An examination of digital forensic models". International Journal of Digital Evidence  Richard Brian Adams (2012), “The Advanced Data Acquisition Model (ADAM): A Process Model for Digital Forensic Practice”  Agarwal, A., Gupta, M., Gupta, S., & Gupta, S. C. (2011). “Systematic Digital Forensic Investigation Model”, International Journal of Computer Science and Security, 5(1), 118- 130.  Armstrong, C. (2003), “Mastering Computer Forensics. In C. Irvine & H. Armstrong”, Security Education and Critical Infrastructures Kluwer Academic Publishers. For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html

More Related Content

PPTX
Computer forensics toolkit
byMilap Oza
 
PDF
Digital Forensic: Brief Intro & Research Challenge
byAung Thu Rha Hein
 
PDF
CS6004 Cyber Forensics
byKathirvel Ayyaswamy
 
PPT
Computer forensics
bySCREAM138
 
PDF
Digital forensic
byChandan Sah
 
PPT
Collecting and preserving digital evidence
byOnline
 
PPTX
Digital forensics
byVidoushi B-Somrah
 
PPTX
Legal aspects of digital forensics
byKakshaPatel3
 
Computer forensics toolkit
byMilap Oza
 
Digital Forensic: Brief Intro & Research Challenge
byAung Thu Rha Hein
 
CS6004 Cyber Forensics
byKathirvel Ayyaswamy
 
Computer forensics
bySCREAM138
 
Digital forensic
byChandan Sah
 
Collecting and preserving digital evidence
byOnline
 
Digital forensics
byVidoushi B-Somrah
 
Legal aspects of digital forensics
byKakshaPatel3
 

What's hot

PPTX
Digital Forensic ppt
bySuchita Rawat
 
PPTX
Computer forensics powerpoint presentation
bySomya Johri
 
PPTX
Digital forensics
byyash sawarkar
 
PPT
Digital Forensic
byCleverence Kombe
 
PDF
Incident response methodology
byPiyush Jain
 
PPTX
Cyber Forensics Overview
byYansi Keim
 
PDF
CS6004 Cyber Forensics
byKathirvel Ayyaswamy
 
PPTX
Mobile Phone Seizure Guide by Raghu Khimani
byDr Raghu Khimani
 
PPTX
Digital forensics
byvishnuv43
 
PPT
Preserving and recovering digital evidence
byOnline
 
PPTX
Mobile Forensics
byabdullah roomi
 
PPTX
Computer forensic ppt
byPriya Manik
 
PPT
Windows forensic artifacts
byn|u - The Open Security Community
 
PDF
Digital Crime & Forensics - Presentation
byprashant3535
 
PPTX
DF Process Models
byCostas Katsavounidis
 
PPTX
Data Acquisition
byprimeteacher32
 
PPTX
Computer Forensics ppt
byOECLIB Odisha Electronics Control Library
 
PPTX
L6 Digital Forensic Investigation Tools.pptx
byBhupeshkumar Nanhe
 
PDF
03 Data Recovery - Notes
byKranthi
 
PPTX
Network Forensics
byprimeteacher32
 
Digital Forensic ppt
bySuchita Rawat
 
Computer forensics powerpoint presentation
bySomya Johri
 
Digital forensics
byyash sawarkar
 
Digital Forensic
byCleverence Kombe
 
Incident response methodology
byPiyush Jain
 
Cyber Forensics Overview
byYansi Keim
 
CS6004 Cyber Forensics
byKathirvel Ayyaswamy
 
Mobile Phone Seizure Guide by Raghu Khimani
byDr Raghu Khimani
 
Digital forensics
byvishnuv43
 
Preserving and recovering digital evidence
byOnline
 
Mobile Forensics
byabdullah roomi
 
Computer forensic ppt
byPriya Manik
 
Windows forensic artifacts
byn|u - The Open Security Community
 
Digital Crime & Forensics - Presentation
byprashant3535
 
DF Process Models
byCostas Katsavounidis
 
Data Acquisition
byprimeteacher32
 
Computer Forensics ppt
byOECLIB Odisha Electronics Control Library
 
L6 Digital Forensic Investigation Tools.pptx
byBhupeshkumar Nanhe
 
03 Data Recovery - Notes
byKranthi
 
Network Forensics
byprimeteacher32
 

Viewers also liked

PDF
Digital Evidence in Computer Forensic Investigations
byFilip Maertens
 
PPTX
Digital forensics research: The next 10 years
byShekh Md Mehedi Hasan
 
PPT
Cyber forensic standard operating procedures
bySoumen Debgupta
 
PPT
Forensic Lab Development
byamiable_indian
 
PDF
Digital forensic upload
bySetia Juli Irzal Ismail
 
PDF
The Future of Digital Forensics
by00heights
 
PDF
Hunting malware with volatility v2.0
byFrank Boldewin
 
PPTX
Open Source Forensics
byCTIN
 
PPT
Identifying and Collecting Digital Evidence Webinar
byCase IQ
 
PPTX
Draft current state of digital forensic and data science
byDamir Delija
 
PDF
Survey & Review of Digital Forensic
byAung Thu Rha Hein
 
PDF
BDO Digital Forensic
byBDO Indonesia
 
PDF
Digital Crime & Forensics - Report
byprashant3535
 
PPTX
Workshop Digital Forensic - Cyber Security Community
byAntonio Andre
 
PPS
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
byClubHack
 
PPTX
Delitos Informaticos y Legislacion Colombiana
byInstituto De Investigacion Forense
 
PDF
Digital Forensic
byRavi Nayak
 
PPSX
Forensic Digital Photography and GPS with Google Earth
byDean A. Beers, CLI
 
PDF
Cybercrime Investigations and IT Act,2000
byKarnika Seth
 
PDF
Practical Sentiment Analysis
byPeople Pattern
 
Digital Evidence in Computer Forensic Investigations
byFilip Maertens
 
Digital forensics research: The next 10 years
byShekh Md Mehedi Hasan
 
Cyber forensic standard operating procedures
bySoumen Debgupta
 
Forensic Lab Development
byamiable_indian
 
Digital forensic upload
bySetia Juli Irzal Ismail
 
The Future of Digital Forensics
by00heights
 
Hunting malware with volatility v2.0
byFrank Boldewin
 
Open Source Forensics
byCTIN
 
Identifying and Collecting Digital Evidence Webinar
byCase IQ
 
Draft current state of digital forensic and data science
byDamir Delija
 
Survey & Review of Digital Forensic
byAung Thu Rha Hein
 
BDO Digital Forensic
byBDO Indonesia
 
Digital Crime & Forensics - Report
byprashant3535
 
Workshop Digital Forensic - Cyber Security Community
byAntonio Andre
 
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
byClubHack
 
Delitos Informaticos y Legislacion Colombiana
byInstituto De Investigacion Forense
 
Digital Forensic
byRavi Nayak
 
Forensic Digital Photography and GPS with Google Earth
byDean A. Beers, CLI
 
Cybercrime Investigations and IT Act,2000
byKarnika Seth
 
Practical Sentiment Analysis
byPeople Pattern
 

Similar to Digital Forensic Case Study

PDF
Cyber Forensics Module 1
byManu Mathew Cherian
 
PPT
Introduction to computer forensic
byOnline
 
PPTX
cyber forensics
byAmbuj Kumar
 
PPTX
Computer forensics Slides
byVarun Sehgal
 
PPT
Secure Computer Forensics and its tools
byKathirvel Ayyaswamy
 
PPTX
unit 5 understanding computer forensics.pptx
byDimple Relekar
 
PPTX
Introduction to Cyber Forensics Module 1
byAnpumathews
 
PPT
Computer Forensic
byTawhidur Rahman
 
PPTX
computer forensics
byshivi123456
 
DOCX
Cyber&digital forensics report
byyash sawarkar
 
PPTX
Network and computer forensics
byJohnson Ubah
 
PDF
Test Bank for Guide to Computer Forensics and Investigations, 5th Edition
bykaytibhurke
 
PPTX
Computer forensic
byShashi Mishra
 
PPTX
Review on Cyber Forensics - Copy.pptx
byVaishnaviBorse8
 
PDF
Final Outline of Forensic Presentation.pdf
byImranKhan423233
 
PDF
Computer forencis
byTeja Bheemanapally
 
DOCX
Malware analysis
byAnne ndolo
 
PPTX
DIGITAL FORENSICS_PRESENTATION
byAmina Baha
 
PDF
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
byGnanavi2
 
PDF
IT forensic
byRupesh Verma
 
Cyber Forensics Module 1
byManu Mathew Cherian
 
Introduction to computer forensic
byOnline
 
cyber forensics
byAmbuj Kumar
 
Computer forensics Slides
byVarun Sehgal
 
Secure Computer Forensics and its tools
byKathirvel Ayyaswamy
 
unit 5 understanding computer forensics.pptx
byDimple Relekar
 
Introduction to Cyber Forensics Module 1
byAnpumathews
 
Computer Forensic
byTawhidur Rahman
 
computer forensics
byshivi123456
 
Cyber&digital forensics report
byyash sawarkar
 
Network and computer forensics
byJohnson Ubah
 
Test Bank for Guide to Computer Forensics and Investigations, 5th Edition
bykaytibhurke
 
Computer forensic
byShashi Mishra
 
Review on Cyber Forensics - Copy.pptx
byVaishnaviBorse8
 
Final Outline of Forensic Presentation.pdf
byImranKhan423233
 
Computer forencis
byTeja Bheemanapally
 
Malware analysis
byAnne ndolo
 
DIGITAL FORENSICS_PRESENTATION
byAmina Baha
 
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
byGnanavi2
 
IT forensic
byRupesh Verma
 

Recently uploaded

PDF
Multiple Myeloma , definition, etiology, PP, CM , DE and management
byNisha Borsa
 
PPTX
AN EXTREMELY BORING GENERAL QUIZ FOR UG.pptx
bySriramG47
 
PPTX
10-12-2025 Francois Staring How can Researchers and Initial Teacher Educators...
byEduSkills OECD
 
PDF
The Tale of Melon City poem ppt by Sahasra
bybitrasahasra
 
PDF
The voice of the rain poem class 11th.pdf
byReeta Baral
 
PDF
Cultivating Greatness Pune's Best Preschools and Schools.pdf
byWellington College
 
PPTX
Access partner report in Odoo 18.2 _ Odoo 19
byCeline George
 
PPTX
How to Track a Link Using Odoo 18 SMS Marketing
byCeline George
 
PDF
Scalable-MADDPG-Based Cooperative Target Invasion for a Multi-USV System.pdf
byMan_Ebook
 
PPTX
PURPOSIVE SAMPLING IN EDUCATIONAL RESEARCH RACHITHRA RK.pptx
byssuser047b711
 
PPTX
How to Manage Package Reservation in Odoo 18 Inventory
byCeline George
 
PPTX
Planning Assessment for Outcome-based Education
byAdri Jovin
 
PPTX
UNIT 1: COMMUNICATION SKILLS, BARRIERS TO COMMUNICATION, PERSPECTIVES IN COMM...
byPOOJA KARVANDE
 
PPTX
The Cell & Cell Cycle-detailed structure and function of organelles.pptx
byAshish Umale
 
PDF
Risk management in Moroccan public hospitals_ a literature review
byMan_Ebook
 
PPTX
Steve Hale - Developing Elite Young Goalkeepers 2024.pptx
bypjmfd
 
PDF
Using Charts and Tables in Presenting Data
byThelma Villaflores
 
PPTX
Basics in Phytochemistry, Extraction, Isolation methods, Characterisation etc.
byD. Y. Patil College of Pharmacy, Kolhapur.
 
PPTX
Introduction-to-Anatomy-and-Physiology.pptx
byAshish Umale
 
PPTX
Multiple Linear Regression - Least Square Method X₁ on X₂ and X₃
bySundar B N
 
Multiple Myeloma , definition, etiology, PP, CM , DE and management
byNisha Borsa
 
AN EXTREMELY BORING GENERAL QUIZ FOR UG.pptx
bySriramG47
 
10-12-2025 Francois Staring How can Researchers and Initial Teacher Educators...
byEduSkills OECD
 
The Tale of Melon City poem ppt by Sahasra
bybitrasahasra
 
The voice of the rain poem class 11th.pdf
byReeta Baral
 
Cultivating Greatness Pune's Best Preschools and Schools.pdf
byWellington College
 
Access partner report in Odoo 18.2 _ Odoo 19
byCeline George
 
How to Track a Link Using Odoo 18 SMS Marketing
byCeline George
 
Scalable-MADDPG-Based Cooperative Target Invasion for a Multi-USV System.pdf
byMan_Ebook
 
PURPOSIVE SAMPLING IN EDUCATIONAL RESEARCH RACHITHRA RK.pptx
byssuser047b711
 
How to Manage Package Reservation in Odoo 18 Inventory
byCeline George
 
Planning Assessment for Outcome-based Education
byAdri Jovin
 
UNIT 1: COMMUNICATION SKILLS, BARRIERS TO COMMUNICATION, PERSPECTIVES IN COMM...
byPOOJA KARVANDE
 
The Cell & Cell Cycle-detailed structure and function of organelles.pptx
byAshish Umale
 
Risk management in Moroccan public hospitals_ a literature review
byMan_Ebook
 
Steve Hale - Developing Elite Young Goalkeepers 2024.pptx
bypjmfd
 
Using Charts and Tables in Presenting Data
byThelma Villaflores
 
Basics in Phytochemistry, Extraction, Isolation methods, Characterisation etc.
byD. Y. Patil College of Pharmacy, Kolhapur.
 
Introduction-to-Anatomy-and-Physiology.pptx
byAshish Umale
 
Multiple Linear Regression - Least Square Method X₁ on X₂ and X₃
bySundar B N
 
In this document
Powered by AI

Justifies the need for digital forensic methodology, team skill sets, and data/evidence acquisition processes.

Details a global finance company's digital forensic audit, highlighting employee count and security concerns.

Discusses data preservation, expertise needed for audit teams, and the role of the Information Security Officer.

Identifies security lapses, digital evidence, legal procedures, and reporting structure of findings.

Outlines core steps in the forensic process: Collection, Examination, Analysis, and Reporting.

Explains acquisition methods for volatile and non-volatile data from various sources.

Describes remote access tools and commands for data collection in a Windows environment.

Details forensic imaging methods for data preservation, highlighting essential tools and processes.

Examines NTFS, registry structures, and various forensic assessments including database and network forensics.

Lists methods for investigating malicious activities and unusual findings in total memory and file systems.

Discusses how the audit identifies the compromise source, malware, and OS vulnerabilities.

Details the final audit report's purpose, authorship, and key findings summary.

Summarizes key investigations of digital evidence, findings regarding unauthorized access, and supporting documents.

Covers thorough examination of devices, identification of source compromise, and report submission.

Lists significant references and case studies on digital forensics for further research.

Digital Forensic Case Study

  • 2.
     justify whyuse of the digital forensic methodology and approach is warranted including procedures for corporate investigation.(Apply with the case study)  describe the resources required to conduct a digital forensic investigation, including team member skill sets and required tools. .(Apply with the case study)  outline an approach for data/evidence identification and acquisition that would occur in order to prepare the auditors for review of the digital evidence. .(Apply with the case study)  outline an approach and steps to be taken during the analysis phase making the assumption the computer system is a Microsoft Windows-based computer. .(Apply with the case study)  create a table of contents for the investigative plan describing what the primary focus of the report would be. .(Apply with the case study) myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html For more information :
  • 3.
     Global financecompany has 10000 employees.  It has introduced network communication and computerization in all its branches  A fear of security was raised by one of the managers  Digital forensic audit was performed to look into the security issues  The investigation was conducted on the MS word, Outlook, and other deleted files in the manager’s computer For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
  • 4.
    ◦ The datafrom the target computer should not be modified but kept for reference ◦ The audit team must have high skill and expertise ◦ The relevant documentation and trial conducted by the audit team must be preserved ◦ Information Security Officer is solely responsible for the security. For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
  • 5.
    ◦ Recognize thesecurity systems that has lapsed. ◦ Recognize all the digital evidence ◦ All the malicious activities are recognized with 5W’s ◦ Recognize the legal procedure ◦ To analyze and find the impact on the branch ◦ Submit the final report to the head For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
  • 6.
    ◦ Collection ◦ Examination ◦Analysis ◦ Report For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
  • 7.
     It isbasically the acquisition of data  Recording and labeling the data of the computers in the Queensland branches  Two ways of collecting data: ◦ Volatile ◦ Non-volatile  Data is also collected from other sources like offline and online. For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
  • 8.
     The computerof the manager that is targeted computer can be accessed via. LAN connection.  A tool collection that is trusted and can be recorded and used through cmd.exe file.  The commands needed are: Cryptcat <id address> 6543 – k key Cryptcat -1 –p 6543 –k key >> <filename>  Windows based tools that are to be used on the Windows based systems are, o HBGray’s fastDump to obtain the local physical memory o HBGray’s F-Response to obtain remote physical memory o Ipconfig is used for the collection of subject system details o Netusers and qusers can identify logged in user information o Doskey or history for collecting command history o Netfile is used to identify the services and drivers  Data is acquired from Ram, registry and cache memory, network, etc For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
  • 9.
     This kindof data is present in the permanent storage of the computing device.  Copying this type of data for the local office is known as forensic imaging  Data is collected from storage devices like hard disk, CD, DVD, etc.  The data should be preserved without any modifications or alteration.  The process of forensic imaging can be done using tools like, EnCase, ProDiscover and FTK.  The data is imitated as the ROM or read only memory by the team performing audit.  The audit team use write blocker. For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
  • 10.
     File systemassessment : NTFS contains MFT that has information of the files and disc in the OS. To get the file c:more <file1.txt:file2.txt is used.  Windows registry assessment: The window registry structure is HKEY_CLASSES_ROOT HKEY_USERS HKEY_CURRENT_USER HKEY_CURRENT_CONFIG HKEY_LOCAL_MACHINE Information's present here are- user activity, MRU, auto start  Database forensic assessment: Here, DDL, DML transactions in the database is assessed  Network forensic assessment: The browsing data, mails, IP address are assessed. For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
  • 11.
     Gather thehidden or odd files  Unusual accounts  For strangely opened sockets  Abnormal application requirements  Malicious activities  Total memory investigation  Total file systems investigation  Malware analysis  Total timeline analysis  Total event correlation investigation For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
  • 12.
    ◦ The computeris identified via. remote access by the attacker ◦ Os patches ◦ The source of compromise ◦ The suspected malware For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
  • 13.
     The auditteam finally prepares the report after the through investigation ◦ Point of the report: It is submitted so that detail of the investigation can be known to the authorized personnel ◦ Author of the report: Information security officer. ◦ Incident summary: The foundation of the conciliation explored from the computer of the manager and is caused due to x1, x2 and x3 reasons For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
  • 14.
    ◦ Evidence: Allthe important digital evidence and log file tracked in the analysis ◦ Analysis: Investigation of the unlawful sources, completed from the sources x, y and z ◦ Conclusion: The computer of the manager and other computing devices in the local office are systematically investigated and lastly the sources are found where they found any sign of compromise ◦ Supporting documents: These documents involve non- volatile and volatile information For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
  • 15.
     All thedevices in the local as well as the manager’s computer was investigated properly  Examination was done to see unauthorized and authorized sources  The compromise’s source explored and found  The report is submitted to the Information security officer. For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html
  • 16.
     Kenneth J.Zahn (2013), “Case Study: 2012 DC3 Digital Forensic Challenge Basic Malware Analysis Exercise”, GIAC (FREM) Gold Certification  John Ashcroft (2001), “Electronic Crime Scene Investigation, A guide for First Responders”, NIJ Guide  M Reith, C Carr, G Gunsch (2002). "An examination of digital forensic models". International Journal of Digital Evidence  Richard Brian Adams (2012), “The Advanced Data Acquisition Model (ADAM): A Process Model for Digital Forensic Practice”  Agarwal, A., Gupta, M., Gupta, S., & Gupta, S. C. (2011). “Systematic Digital Forensic Investigation Model”, International Journal of Computer Science and Security, 5(1), 118- 130.  Armstrong, C. (2003), “Mastering Computer Forensics. In C. Irvine & H. Armstrong”, Security Education and Critical Infrastructures Kluwer Academic Publishers. For more information : myassignmenthelp.com/answers/digital-forensic/digital-forensic-case-study-objectives-this-assessment -item-relates-to-the-course-leaing-outcome-1-to-9-as-stated-on-page-1-of-the-cou.html